by aluciani 07-01-2016 06:13 AM - edited 07-01-2016 06:16 AM
Welcome back! This is the last blog of the security-first blog series. Let’s do a quick recap. In the first blog, we discussed the importance of building a secure platform by including security conscious code through an iterative security development lifecycle (SecDL). Then we followed it up with deploying and managing infrastructure through a secure interface utilizing two-factor authentication and cluster lockdown features to prevent unauthorized access.
In this blog, we will discuss how the Nutanix enterprise cloud platform simply scales with secure building blocks as business needs change. In addition, we will discuss Nutanix support and their ability to quickly remediate new security threats.
Legacy Infrastructure is Not Secure
Looking for the “safest” infrastructure is not always easy but understanding the entire offering pays dividends in the long run. Security is not always considered on the front end when purchasing infrastructure, but it is crucial when it comes to supporting and scaling it.
There are a few key avenues that should be considered as requirements are drawn for new environments. For example, leveraging external security expertise reduces the requirements placed on internal IT teams, holistic support narrows the time to removing threats, and securely scaling systems maintains minimal attack surfaces as infrastructure grows.
Security expertise: In order to keep infrastructure secure once it has been deployed, one approach is for enterprises to invest in security expertise to understand new vulnerabilities and how they affect their infrastructure. However, the onus shouldn’t be put on the customer. The vendor, as the authority on the infrastructure, should provide the expertise and deliver patches in days or weeks, not months or years, through non-disruptive upgrades.
Holistic support: Applying security patches to vulnerable systems in production environments without a holistic view could leave several systems unpatched due to compatibility concerns, forcing infrastructure to remain vulnerable. This quickly snowballs out of control and causes systems to fall out of compliance.
Securely scale with confidence: Building an enterprise cloud enables fractional consumption models and, as business demands change, keeping infrastructure secure as it scales is highly important. In order to reduce zero-day threats, systems must be shipped with a hardened-by-default security posture so that they can be added to an existing cluster with confidence.
Nutanix keeps security front and center
Security-first is not just a saying. Nutanix has security professionals on staff who continually monitor threats out in the wild. This team is laser-focused on delivering a platform that is designed to be good enough even for government users out of the box. For example, when a new vulnerability is discovered, the security team works closely with engineering teams to pinpoint the vulnerability and issue a patch through a non-disruptive upgrade.
This process is similar to public cloud providers who own the entire infrastructure and can quickly resolve known threats. The Nutanix enterprise cloud platform is designed to bring the same security to on-prem infrastructure.
Support understands the entire topology
Anyone who has ever worked in enterprise IT understands the process of creating a support call with a vendor, which is quickly multiplied with legacy three-tier architecture. The Nutanix enterprise cloud platform includes compute, storage, and virtualization all in one platform, providing support with a holistic view. For example, Nutanix support has the ability to look at the entire infrastructure stack end-to-end to quickly diagnose problems, often in days and not months.
Extending this concept to security patches could easily exacerbate the problem. Imagine a scenario where a new vulnerability is discovered in SSL (Secure Sockets Layer), discussed in a previous blog, and consider how each of the components in a legacy three-tier infrastructure is affected. A simple patch that should apply across the stack has now created three separate support tickets and potentially countless hours of downtime as systems are upgraded.
Scaling has never been so easy
Public clouds have encouraged enterprise IT teams to rethink scaling environments to be more dynamic and respond to new business requirements at a new pace. Securely scaling the environment has to be handled with simplicity and without disruption. Nutanix does not distinguish between the building blocks in terms of security, as the underlying software is hardened through the same rigorous process discussed in a previous blog throughout the platform.
There is also a great blog which dives into the Nutanix architecture and how the platform is built to scale. The secure platform is built using the Nutanix Distributed File Systems (NDFS) at the core, which leverages the distribution of resources. As nodes are brought into the cluster, resource allocations are dispersed in order to handle additional workloads.
In contrast, many other platforms may have some ability to scale but they increase their attack surface at the same time. Also, they don’t always scale without disrupting the environment. The Nutanix experience offers secure seamless infrastructure that scales.
This is the last blog in the security-first blog series and we’ve uncovered how starting with a secure platform makes the lifecycle of deploying, managing, scaling and supporting easier. Creating products in a security conscious environment removes multiple attack vectors and limits how the infrastructure can be exploited.
Deploying and managing infrastructure from a secure Prism interface is designed to prevent man-in-the-middle attacks and keep intruders out of the platform. Even after the system is deployed and new vulnerabilities are found, the Nutanix security and support teams continue to provide patches in a non-disruptive manner.
Nutanix adds value in keeping infrastructure secure through each phase of the lifecycle as companies adopt an enterprise cloud platform.
Welcome back! In the last blog, we discussed why it’s important to start with a secure infrastructure platform, and how the Nutanix security development lifecycle incorporates security considerations into how the product is built. In this blog, we will discuss how the Nutanix enterprise cloud platform allows infrastructure to be securely deployed and managed by IT teams with minimal effort.
The Legacy Dilemma: Trading off Security for Agility
Deploying and managing legacy three-tier infrastructure is time-consuming, complex and expensive especially when it involves keeping the environment secure. When robust security becomes operationally expensive to maintain, IT teams trade off security for agility, either compromising on security measures to meet deadlines or missing on SLAs and dealing with dissatisfied business users. Poor security measures result in systems on the network exposed to malware, viruses, and attacks. Systems that have not been patched or hardened are easy targets for attackers looking for an entry point.
Security Considerations in Deploying and Managing Infrastructure
When buying an infrastructure platform, it is important to consider how easy the platform is to operate from a security point of view. Once deployed, the platform must provide security processes and capabilities that are efficient, comprehensive and holistic, covering the entire infrastructure stack including management functionality. Such a platform meets the security requirements of the most rigorous government environments but is simple enough to fit within constrained IT budgets.
Efficient security processes: For security to truly become invisible, the processes for maintaining security need to become efficient and automated. For example, it should be easy to verify if the deployed platform meets the recommended security baseline. Also, the upgrade process for all system software needs to become non-disruptive and effortless so that IT teams don’t need to put off doing regular updates or planning downtime. Friction has to be reduced or eliminated through automation to enable IT teams to securely deploy and manage infrastructure.
Defense in depth: The defense in depth methodology discussed in the last blog creates barriers and keeps intruders from gaining access to critical infrastructure. Defense in depth is about implementing several layers of security measures that work in concert to increase the security of the system as a whole. The security measures must cover known industry certifications and meet high governance standards.
Control plane security: It’s highly important to pay as much attention to security in the control plane as in the rest of the infrastructure stack. Built-in capabilities need to prevent unauthorized access to the management platform, especially when it provides powerful capabilities. If an intrusion occurs, it’s important to protect the logs from tampering, limit malicious or inadvertent access, and continually reset to a known security baseline.
Nutanix Makes Efficient Security Possible
When deploying infrastructure and continually protecting it from inadvertent or malicious changes, a great place to start is the security guidelines based on US government standards, in particular, ones by the Defense Information Systems Agency (DISA). DISA has created a methodology called the Security Technical Implementation Guide, or STIG, that standardizes secure installation and maintenance of computer software and hardware.
STIGs lock down IT environments and reduce security vulnerabilities in infrastructure once it is deployed. One of the challenges with STIGs is that traditionally, using STIGs to secure an environment is a manual process that is highly time-consuming and prone to operator error. Because of this, only the most security conscious IT shops follow the required process.
Nutanix has created custom STIGs that are based on the guidelines outlined by DISA to keep the enterprise cloud platform within compliance and reduce attack surfaces. Nutanix includes five STIGs (AHV, AOS, Prism Web Server, Prism Reverse Proxy, and JRE STIGs) that collectively check over 800 security entities covering storage, virtualization and management.
To make the STIGs usable by all organizations, the STIGs are provided in machine-readable XCCDF.xml format in addition to the human-readable PDF format. This allows organizations to use tools that can read STIGs and automatically validate the security baseline of a deployment, reducing the accreditation time required to stay within compliance from months to days.
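To show what machine-readable validation looks like in practice, the following added example (not Nutanix code and not an actual Nutanix STIG) parses a small constructed XCCDF document and reports every rule that did not pass. The rule ids, titles and results are invented for illustration; the element names follow the XCCDF schema.

```python
import xml.etree.ElementTree as ET
from collections import Counter

# Constructed sample: two rules and one scan result. Ids and titles are invented.
SAMPLE_XCCDF = """<?xml version="1.0"?>
<Benchmark xmlns="http://checklists.nist.gov/xccdf/1.1" id="sample-benchmark">
  <Group id="G-1">
    <Rule id="rule-log-perms" severity="medium">
      <title>Log files must not be world-writable</title>
    </Rule>
    <Rule id="rule-ssh-password" severity="high">
      <title>SSH password logins must be disabled</title>
    </Rule>
  </Group>
  <TestResult id="sample-scan">
    <rule-result idref="rule-log-perms"><result>pass</result></rule-result>
    <rule-result idref="rule-ssh-password"><result>fail</result></rule-result>
  </TestResult>
</Benchmark>"""


def local(tag):
    """Drop the '{namespace}' prefix so XCCDF 1.1 and 1.2 files parse alike."""
    return tag.rsplit("}", 1)[-1]


def summarize(xccdf_text):
    """Return (Counter of results, list of (rule id, severity, result, title) not passing)."""
    root = ET.fromstring(xccdf_text)
    rules, results = {}, {}
    for el in root.iter():
        name = local(el.tag)
        if name == "Rule":
            title = next((c.text for c in el if local(c.tag) == "title"), "")
            rules[el.get("id")] = (el.get("severity", "unknown"), title)
        elif name == "rule-result":
            verdict = next((c.text for c in el if local(c.tag) == "result"), None)
            results[el.get("idref")] = (verdict or "unknown").strip()
    # A rule defined in the benchmark but missing from the scan is a coverage
    # gap, so it is reported as "notchecked" rather than silently skipped.
    findings = [(rid, sev, results.get(rid, "notchecked"), title)
                for rid, (sev, title) in rules.items()
                if results.get(rid, "notchecked") != "pass"]
    return Counter(results.values()), findings


if __name__ == "__main__":
    print(summarize(SAMPLE_XCCDF))
```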
Nutanix also has a built-in capability called Security Configuration Management Automation (SCMA) that monitors the deployment periodically for any unknown or unauthorized changes to configurations, and can self-heal from any deviation to remain in compliance. For example, incorrect permissions on log files are just one of several vulnerabilities that Nutanix checks for and automatically protects against.
If for any reason the permissions on log files were changed, either maliciously or inadvertently, the Nutanix system will revert the changes back to the secure baseline. This simplifies the maintenance of security on an ongoing basis for all organizations.
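The detect-and-revert idea described above can be sketched as follows. This is an added example, not SCMA itself, whose internals the post does not describe; the 0640 baseline, the function names and the file names are assumptions made for illustration, and a real monitor would run the check on a schedule.

```python
import os
import stat
import tempfile

# Assumed baseline for this example: owner read/write, group read (0640).
BASELINE_MODE = 0o640


def find_drift(log_dir, baseline=BASELINE_MODE):
    """Return [(path, current_mode)] for regular files whose mode differs from baseline."""
    drift = []
    for name in sorted(os.listdir(log_dir)):
        path = os.path.join(log_dir, name)
        st = os.lstat(path)  # lstat: symlinks are skipped, not followed
        if not stat.S_ISREG(st.st_mode):
            continue
        mode = stat.S_IMODE(st.st_mode)
        if mode != baseline:
            drift.append((path, mode))
    return drift


def remediate(log_dir, baseline=BASELINE_MODE):
    """Reset drifted files to the baseline and return an audit record per change."""
    changes = []
    for path, old in find_drift(log_dir, baseline):
        os.chmod(path, baseline)
        # Keep the old mode: the fact that drift happened is itself worth alerting on.
        changes.append({"path": path, "old": oct(old), "new": oct(baseline)})
    return changes


def demo():
    """Constructed scenario: one log at baseline, one made world-writable."""
    with tempfile.TemporaryDirectory() as d:
        for name, mode in (("audit.log", 0o640), ("access.log", 0o666)):
            p = os.path.join(d, name)
            open(p, "w").close()
            os.chmod(p, mode)
        changes = remediate(d)
        fixed = [(os.path.basename(c["path"]), c["old"], c["new"]) for c in changes]
        return fixed, find_drift(d)  # second value is empty once healed


if __name__ == "__main__":
    print(demo())
```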
Nutanix Custom STIGs
Defense in Depth Security with Minimal Effort
Nutanix recognizes that there is no “silver bullet” when it comes to securing infrastructure. The solution builds upon the Security Development Lifecycle (SecDL) and hardened platform discussed in the previous blog. Several comprehensive processes are in place to ease deployment and management for IT teams. Nutanix systems meet a broad set of certifications and standards requirements to ensure compliance with the strictest standards.
For example, Nutanix has worked on Common Criteria certification, which is validated by external third-party vendors. This ensures that Nutanix meets the security requirements it claims. Walking through a certification process is a time-consuming and expensive proposition especially if the vendor has the product expertise. Nutanix moves the heavy lifting away from the customer and meets the high bar set by security certifications and standards, allowing customers to focus on driving business value.
This is the best type of security because adding applications can be done quickly, knowing that the infrastructure has already been hardened and meets certain technical regulatory requirements. The entire goal of a defense in depth methodology is to reduce the attack surface but Nutanix takes it many steps forward by making it invisible to IT teams.
Secure Full-Stack Management Capabilities with Prism
Nutanix Prism is the unified management platform that allows administrators to manage the entire infrastructure stack, from storage to built-in virtualization. Prism is an intuitive, easy to use interface that delivers simplicity without compromising on security. Prism has been hardened using the same security principles as the rest of the Nutanix infrastructure stack. A couple of features in Prism ensure that only properly credentialed administrators have access to the system – two-factor authentication and cluster lockdown.
Two-factor Authentication: Two-factor authentication requires client certificates along with username and password, and can also leverage Common Access Cards (CAC) typically found in government agencies. Common Access Cards utilize certificates and PINs to gain access to a system.
Cluster Lockdown: Cluster lockdown gives an administrator the ability to disable username/password shell logins and leverage non-repudiated SSH (Secure Shell) keys. When these keys are handed out, it’s easier to track changes within logs and pinpoint who made the change and at what time.
Prism provides an easy one-click operation to install certificates in addition to configuring username and password authentication. Communications between Prism and the administrator’s computer are securely encrypted using certificates. Encryption protocols are typically over SSL (Secure Sockets Layer) or TLS (Transport Layer Security). By default, Prism utilizes the TLS protocol with an asymmetric public key infrastructure (PKI) system.
This system uses two keys, a public key and a private key, to encrypt and decrypt communications. When the administrator requests an HTTPS connection to Prism, it returns a certificate to the administrator’s browser. The certificate contains a public key, which starts the secure connection, and the private key is used to decrypt the connection. Certificates are automatically checked and validated prior to being accepted. In order to meet the high security standards of NIST SP 800-131A compliance and the requirements of RFC 6460 for NSA Suite B, and to supply the optimal performance for encryption, the certificate import process validates that the correct signature algorithm is used for a given key/certificate pair.
This way, administrators don’t accidentally install an invalid certificate. This is one of several ways Nutanix makes it easier to deploy and manage infrastructure. To further lock down access to Prism, utilizing cluster lockdown is quick and easy, again through a one-click operation.
Supported Key Configurations
In this blog, we’ve seen how the Nutanix enterprise cloud platform incorporates a number of automation capabilities and features to efficiently secure a deployment of the platform and reduce the attack surface further using automation and management platform lockdown. In the next blog, we will look at how a world-class support organization continually watches for new threats and vulnerabilities to quickly provide patches and ensure ongoing security.